NPDS 4.8 5.0 - links.php?Query SQL Injection

NPDS 4.8 5.0 - links.php?Query SQL Injection source: https://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attack...

NPDS 4.8 5.0 - sdv_infos.php?sitename Cross-Site Scripting

NPDS 4.8 5.0 - sdvinfos.php?sitename Cross-Site Scripting source: https://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL...

NPDS 4.8 5.0 - faq.php?categories Cross-Site Scripting

NPDS 4.8 5.0 - faq.php?categories Cross-Site Scripting source: https://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL...

NPDS 4.8 < 5.0 - 'sdv_infos.php?sitename' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks. This may result in the theft of...

NPDS 4.8 /5.0 - 'modules.php?Lettre' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks. This may result in the theft of...

NPDS 4.8 < 5.0 - 'faq.php?categories' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks. This may result in the theft of...

NPDS 4.8 < 5.0 - 'reviews.php?title' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks. This may result in the theft of...

GLSA-200503-37 : LimeWire: Disclosure of sensitive information

The remote host is affected by the vulnerability described in GLSA-200503-37 LimeWire: Disclosure of sensitive information Two input validation errors were found in the handling of Gnutella GET requests CAN-2005-0788 and magnet requests CAN-2005-0789. Impact : A remote attacker can craft a specif...

CVE-2005-0685

CVE-2005-0685 : Multiple access validation errors in OutStart Participate Enterprise (PE) allow remote attackers to perform unauthorized actions by manipulating parameters such as rootFolder, selectedObject, and selectedObjectsCSV across various views/commands (displaynavigator.jsp, renamepopup.j...

CVE-2005-0685

Multiple access validation errors in OutStart Participate Enterprise PE allow remote attackers to 1 browse arbitrary directory trees by modifying the rootFolder parameter to displaynavigator.jsp, 2 rename arbitrary directory objects by modifying the selectedObject parameter to renamepopup.jsp, 3...

CVE-2005-0685

Multiple access validation errors in OutStart Participate Enterprise PE allow remote attackers to 1 browse arbitrary directory trees by modifying the rootFolder parameter to displaynavigator.jsp, 2 rename arbitrary directory objects by modifying the selectedObject parameter to renamepopup.jsp, 3...

awstats -- arbitrary command execution

Several input validation errors exist in AWStats that allow a remote unauthenticated attacker to execute arbitrary commands with the priviliges of the web server. These programming errors involve CGI parameters including loadplugin, logfile, pluginmode, update, and possibly others. Additionally,...

[SA12789] IceWarp Web Mail Cross-Site Scripting Vulnerabilities

TITLE: IceWarp Web Mail Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA12789 VERIFY ADVISORY: http://secunia.com/advisories/12789/ CRITICAL: Moderately critical IMPACT: Unknown, Cross Site Scripting WHERE: From remote SOFTWARE: IceWarp Web Mail 5.x http://secunia.com/product/3775/...

Fastream NETFile FTP/Web Server Input validation Errors

Fastream NETFile FTP/Web Server Input validation Errors -------------------------------------------------------- Release Date: 4 July 2004 Severity: High Systems Affected: Fastream NETFile FTP/Web Server =v.6.7.2.1085 Systems Not Affected: Fastream NETFile FTP/Web Server v6.7.3 Vendor URL:...

FreeBSD-SA-04:07.cvs

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:07.cvs Security Advisory The FreeBSD Project Topic: CVS path validation errors Category: contrib Module: contribcvs Announced: 2004-04-15 Revised: 2004-04-16...

Mambo Open Source 4.0.14 - PollBooth.php Multiple SQL Injections

Mambo Open Source 4.0.14 - PollBooth.php Multiple SQL Injections source: https://www.securityfocus.com/bid/9197/info Mambo Open Source is prone to SQL injection attacks. This is due to an input validation error in 'pollBooth.php'. In particular, various user-supplied variables are used in an SQL...

InstaBoard 1.3 - index.cfm SQL Injection

InstaBoard 1.3 - index.cfm SQL Injection source: https://www.securityfocus.com/bid/7338/info It has been reported that multiple input validation errors exist in the index.cfm file included with InstaBoard. Because of this issue, remote attackers may launch SQL injection attacks through the...

InstaBoard 1.3 - 'index.cfm' SQL Injection

source: https://www.securityfocus.com/bid/7338/info It has been reported that multiple input validation errors exist in the index.cfm file included with InstaBoard. Because of this issue, remote attackers may launch SQL injection attacks through the software. The consequences may vary depending o...

CSS in blackboard

Product: Blackboard 5 Vendor: Blackboard inc Website: www.Blackboard.com Reported: 24 apr 2002: Discovered CSS in blackboard program and company.blackboard.com. Reported CSS in blackboard program at http://company.blackboard.com/contactus/Suggestions.cgi. Reported CSS in company.blackboard.com to...